USB won't work, scans have errors, and pop-up pages GRRR


  • Root Admin

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

ComboFix 09-04-22.02 - Tim 04/21/2009 19:38.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.265 [GMT -5:00]

Running from: c:\documents and settings\Tim\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Tim\Desktop\CFscript.txt

* Created a new restore point

FILE ::

c:\windows\system32\drivers\eerguzwj.sys

c:\windows\system32\drivers\goztymnr.sys

c:\windows\system32\drivers\hequllca.sys

c:\windows\system32\drivers\mprijquj.sys

c:\windows\system32\drivers\npf.sys

c:\windows\system32\drivers\pnmdhkci.sys

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\drivers\eerguzwj.sys

c:\windows\system32\drivers\goztymnr.sys

c:\windows\system32\drivers\mprijquj.sys

c:\windows\system32\drivers\pnmdhkci.sys

.

((((((((((((((((((((((((( Files Created from 2009-03-22 to 2009-04-22 )))))))))))))))))))))))))))))))

.

2009-04-20 02:17 . 2009-04-20 02:17 0 ----a-w c:\windows\ViewNX.INI

2009-04-20 02:09 . 2001-08-18 03:36 5632 ----a-w c:\windows\system32\ptpusb.dll

2009-04-20 02:09 . 2008-04-14 00:12 159232 ----a-w c:\windows\system32\ptpusd.dll

2009-04-20 02:07 . 2009-04-20 02:14 -------- d-----w c:\documents and settings\Tim\Application Data\Nikon

2009-04-20 01:48 . 2009-04-20 02:14 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT

2009-04-20 01:48 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\URLs

2009-04-20 01:37 . 2009-04-20 02:07 -------- d-----w c:\program files\Common Files\Nikon

2009-04-20 01:37 . 2009-04-20 01:37 -------- d-----w c:\documents and settings\All Users\Application Data\Nikon

2009-04-20 01:36 . 2009-04-20 01:49 -------- d-----w c:\program files\Nikon

2009-04-20 01:35 . 2009-04-20 02:15 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT

2009-04-20 01:35 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\Ultima_T15

2009-04-20 01:35 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\EnterNHelp

2009-04-20 01:35 . 2009-04-20 01:35 -------- d-----w c:\documents and settings\All Users\Application Data\Tables

2009-04-20 01:33 . 2009-04-20 01:33 -------- d-----w c:\program files\ArcSoft

2009-04-16 21:45 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll

2009-04-16 21:45 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll

2009-04-16 21:45 . 2009-02-06 10:39 35328 -c----w c:\windows\system32\dllcache\sc.exe

2009-04-16 21:45 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll

2009-04-16 21:45 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll

2009-04-16 21:45 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll

2009-04-16 21:45 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll

2009-04-16 21:45 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll

2009-04-16 21:45 . 2009-02-06 11:11 110592 -c----w c:\windows\system32\dllcache\services.exe

2009-04-16 21:45 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe

2009-04-16 21:44 . 2009-03-27 06:58 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb

2009-04-16 21:44 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll

2009-04-16 21:44 . 2008-04-21 12:08 215552 -c----w c:\windows\system32\dllcache\wordpad.exe

2009-04-07 23:52 . 2009-04-07 23:52 -------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2009-04-07 18:21 . 2009-04-07 18:25 -------- d-----w c:\program files\SpywareBlaster

2009-04-07 14:55 . 2009-04-07 15:20 -------- d-----w c:\documents and settings\Tim\DoctorWeb

2009-04-07 01:26 . 2009-04-08 04:06 -------- d-----w c:\program files\SUPERAntiSpyware

2009-04-07 01:26 . 2009-04-07 01:26 -------- d-----w c:\documents and settings\Tim\Application Data\SUPERAntiSpyware.com

2009-04-07 01:26 . 2009-04-07 01:26 -------- d-----w c:\program files\Common Files\Wise Installation Wizard

2009-04-07 01:23 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-04-07 01:23 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2009-04-07 01:17 . 2009-04-11 14:39 -------- d-----w c:\documents and settings\Tim\Local Settings\Application Data\WinZip

2009-04-07 01:16 . 2009-04-07 01:17 -------- d-----w c:\documents and settings\All Users\Application Data\WinZip

2009-04-03 04:31 . 2009-04-03 04:31 22847 ----a-w c:\windows\system32\AAWService_2009_04_02_23_31_40.dmp

2009-04-03 04:17 . 2009-04-03 04:17 20952 ----a-w c:\windows\system32\AAWService_2009_04_02_23_17_50.dmp

2009-04-03 03:51 . 2009-04-06 13:02 -------- d-----w c:\program files\Spybot - Search & Destroy

2009-04-03 03:51 . 2009-04-06 13:01 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-04-03 03:46 . 2009-04-03 03:46 21164 ----a-w c:\windows\system32\AAWService_2009_04_02_22_46_38.dmp

2009-04-02 19:58 . 2009-04-02 19:58 20263 ----a-w c:\windows\system32\AAWService_2009_04_02_14_58_26.dmp

2009-04-02 19:54 . 2009-04-02 19:54 -------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-04-22 00:35 . 2008-01-26 21:17 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

2009-04-21 08:19 . 2009-04-06 14:57 -------- d-----w c:\program files\Spyware Doctor

2009-04-21 02:09 . 2007-12-20 21:07 3766 --sha-w c:\windows\system32\KGyGaAvL.sys

2009-04-20 01:33 . 2006-01-19 03:49 -------- d--h--w c:\program files\InstallShield Installation Information

2009-04-07 23:53 . 2009-03-20 20:20 -------- d-----w c:\program files\Malwarebytes' Anti-Malware

2009-04-06 15:31 . 2009-04-06 14:57 66952 ----a-w c:\windows\system32\drivers\iksysflt.sys

2009-04-06 15:31 . 2009-04-06 14:57 81288 ----a-w c:\windows\system32\drivers\iksyssec.sys

2009-04-06 15:31 . 2009-04-06 14:57 40840 ----a-w c:\windows\system32\drivers\ikfilesec.sys

2009-04-06 14:57 . 2009-04-06 14:57 -------- d-----w c:\documents and settings\Tim\Application Data\PC Tools

2009-04-06 14:14 . 2009-04-06 14:14 -------- d-----w c:\program files\Windows Defender

2009-04-06 13:51 . 2006-01-19 04:38 -------- d-----w c:\program files\Java

2009-04-03 06:46 . 2009-04-03 06:46 -------- d-----w c:\program files\Alwil Software

2009-04-03 06:25 . 2007-09-26 20:01 -------- d-----w c:\documents and settings\All Users\Application Data\McAfee

2009-04-03 06:25 . 2007-09-26 21:17 -------- d-----w c:\program files\McAfee

2009-04-03 05:26 . 2009-04-03 00:36 2681 ----a-w C:\aaw7boot.log

2009-04-02 11:06 . 2008-07-03 13:25 39304 ----a-w c:\documents and settings\Devin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-03-28 09:22 . 2006-10-01 20:57 -------- d-----w c:\program files\Full Tilt Poker

2009-03-21 16:48 . 2009-03-21 16:48 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\SACore

2009-03-21 05:46 . 2009-03-10 04:39 -------- d-----w c:\documents and settings\Tim\Application Data\muvee Technologies

2009-03-20 20:21 . 2009-03-20 20:21 -------- d-----w c:\documents and settings\Tim\Application Data\Malwarebytes

2009-03-20 20:20 . 2009-03-20 20:20 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes

2009-03-20 15:22 . 2009-03-20 03:05 -------- d-----w c:\documents and settings\LocalService\Application Data\SACore

2009-03-20 02:59 . 2009-03-20 02:59 -------- d-----w c:\documents and settings\All Users\Application Data\SiteAdvisor

2009-03-20 01:49 . 2006-11-22 13:00 -------- d-----w c:\documents and settings\Tim\Application Data\Lavasoft

2009-03-18 15:47 . 2009-03-18 15:47 -------- d-----w c:\program files\WinPcap

2009-03-10 07:53 . 2009-03-10 04:32 -------- d-----w c:\documents and settings\All Users\Application Data\muvee Technologies

2009-03-10 05:31 . 2008-10-03 15:11 -------- d-----w c:\program files\LimeWire

2009-03-10 04:39 . 2006-07-25 21:41 39304 ----a-w c:\documents and settings\Tim\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-03-10 04:33 . 2009-03-10 04:32 -------- d-----w c:\program files\Common Files\muvee Technologies

2009-03-10 04:32 . 2009-03-10 04:32 -------- d-----w c:\program files\muvee Technologies

2009-03-10 04:30 . 2007-12-20 20:58 -------- d-----w c:\program files\Corel

2009-03-10 04:21 . 2007-12-20 21:06 -------- d-----w c:\documents and settings\Tim\Application Data\Corel

2009-03-10 04:16 . 2007-12-20 20:58 -------- d-----w c:\program files\Common Files\Corel

2009-03-10 04:10 . 2009-03-10 04:10 -------- d-----w c:\documents and settings\Tim\Application Data\InstallShield

2009-03-09 10:19 . 2009-01-20 00:58 410984 ----a-w c:\windows\system32\deploytk.dll

2009-03-06 14:22 . 2006-01-19 02:02 284160 ----a-w c:\windows\system32\pdh.dll

2009-03-03 00:18 . 2006-01-19 02:02 826368 ----a-w c:\windows\system32\wininet.dll

2009-03-02 12:40 . 2009-03-02 12:40 -------- d-----w c:\documents and settings\Devin\Application Data\Corel

2009-02-20 18:09 . 2006-01-19 02:01 78336 ----a-w c:\windows\system32\ieencode.dll

2009-02-09 12:10 . 2006-01-19 02:01 729088 ----a-w c:\windows\system32\lsasrv.dll

2009-02-09 12:10 . 2006-01-19 02:02 401408 ----a-w c:\windows\system32\rpcss.dll

2009-02-09 12:10 . 2006-01-19 02:02 714752 ----a-w c:\windows\system32\ntdll.dll

2009-02-09 12:10 . 2006-01-19 02:01 617472 ----a-w c:\windows\system32\advapi32.dll

2009-02-09 11:13 . 2006-01-19 02:02 1846784 ----a-w c:\windows\system32\win32k.sys

2009-02-08 00:02 . 2004-08-03 22:59 2066048 ----a-w c:\windows\system32\ntkrnlpa.exe

2009-02-06 11:11 . 2006-01-19 02:02 110592 ----a-w c:\windows\system32\services.exe

2009-02-06 11:08 . 2006-01-19 02:02 2189056 ----a-w c:\windows\system32\ntoskrnl.exe

2009-02-06 10:39 . 2006-01-19 02:02 35328 ----a-w c:\windows\system32\sc.exe

2009-02-03 19:59 . 2006-01-19 02:02 56832 ----a-w c:\windows\system32\secur32.dll

2009-01-19 03:37 . 2009-01-19 03:37 34608 ----a-w c:\documents and settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2008-08-19 17:09 . 2008-07-02 22:31 34608 ----a-w c:\documents and settings\Danni\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2007-10-01 00:43 . 2007-10-01 00:43 126 ----a-w c:\documents and settings\Tim\Local Settings\Application Data\fusioncache.dat

2007-08-15 18:59 . 2007-10-14 18:59 32 ----a-r c:\documents and settings\All Users\hash.dat

2008-08-19 15:19 . 2008-08-19 15:20 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008081920080820\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2004-12-30 65536]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-04-08 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Tvs"="c:\program files\Toshiba\Tvs\TvsTray.exe" [2005-11-30 73728]

"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 352256]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-27 122880]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-03-07 98304]

"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2005-03-18 151552]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]

"Corel File Shell Monitor"="c:\program files\Corel\Corel MediaOne\CorelIOMonitor.exe" [2007-12-01 38400]

"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-22 16:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=

"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\\TOSHIBA\\IVP\\ISM\\pinger.exe

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe"=

"c:\\Program Files\\McAfee\\MBK\\McAfeeDataBackup.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Common Files\\Microsoft Shared\\VS7Debug\\mdm.exe"=

R0 Fnru77;Fnru77; [x]

R1 hequllca;hequllca; [x]

R2 npf;NetGroup Packet Filter Driver; [x]

R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-08 9968]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-01-15 55024]

S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-04 13592]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]

.

Contents of the 'Scheduled Tasks' folder

2009-04-22 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]

.

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local;<local>

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s

Trusted Zone: internet

Trusted Zone: mcafee.com

Trusted Zone: select2perform.com\www

Trusted Zone: yahoo.com\www

FF - ProfilePath - c:\documents and settings\Tim\Application Data\Mozilla\Firefox\Profiles\tw6763fm.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: network.proxy.http - localhost

FF - prefs.js: network.proxy.http_port - 7171

FF - prefs.js: network.proxy.type - 4

FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCE08D86A-A41A-410A-943C-13BABB7DC474", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA9EDC9ED-603A-4F3F-BBEA-59C8853A3236", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID90D10942-D952-4863-9DD6-A2BDBBAD456E", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0ECEE744-7B69-4912-AB91-AE76D61ECB04", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF25635B2-1AB9-47B5-88D1-8877B22C86DE", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID27B7F812-4159-45B9-A389-B7A118A58DE4", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF849DF29-393B-4F8B-99D1-117A70D66FC7", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBF1E9C3D-637C-4171-BD12-28A7360B879A", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDDE1C0601-7947-4D7F-A6E5-E68BF6BA1E37", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EA0DCCE-4D98-4876-9C6A-E5C563D0820A", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID446462BA-2AAD-4C88-BC63-5210E2F31465", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0862E368-A40E-4E55-83EB-FBC5571BABA4", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDD2A96E3C-FFB3-4D38-9AC3-B127527BEA35", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4B05B39A-9DDC-4650-A7F8-D5B134E5FFE5", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC8E2574A-7BCE-4B93-A22E-61831DFD6DB8", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID659796C0-8B5D-48D7-A4EB-7E6874E26274", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID78071AB5-E729-414E-8D02-9C1D034F82E7", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCC3F71E1-17F3-4C5B-997D-44CA56943197", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE67D5C78-B2D4-4BA0-8D69-1C7AF4BB08B5", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFC5F3D7A-D321-412C-8A5D-9AD0C8041941", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6EC5CD16-81BC-4515-9EDD-9265C906F56E", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID67CFB2C5-E491-4395-977B-CD45E4124655", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID73600569-52E6-4760-8BAB-B68202937D98", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB02EBD42-6885-401A-9389-E089F7DDC872", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBAE5CB8C-4075-4743-B2E4-78DA8D8CDC64", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID28B07B04-DA99-4FD3-BF27-4972F2B8142B", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D53448F-D12B-4102-8CE2-697DAE8D6643", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE3266A47-A141-47B8-AAA8-5F16FB4F8CCD", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB33AB7AF-76D7-4B1C-B709-5D6BF9E7B1C7", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID153B7451-0BB5-4B37-95C0-44D89E2F1F2B", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID3BBE8E21-0D3D-4BAA-AC6F-C7BCEF750849", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9B5B4F2D-A7D9-4329-B0FE-92B301A8CAAD", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA5C42921-8CD0-4924-97C3-01B5B0610BC6", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID06969252-F90F-4CF2-9074-33772EB64859", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFBF37655-1236-4C0D-96C5-F94E1724841B", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC1A3F035-B68F-4B2B-9FD5-E36DAAAF26DD", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID368F3685-543E-4812-9FDE-96E097E453FC", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID43969873-56AA-4113-84CB-4AB2AEB9AA31", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA205DD80-63D4-4E41-B785-26EC3D90B97B", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID068D43E7-7551-4A2F-AE96-4A38A9AD1953", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF443E9CB-9EEC-456E-8AE7-F3102D5CD47D", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE36A7B16-645D-4261-BFF8-3A7E69C5F7A5", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID379805E3-E0E2-40DC-B51B-6DC1AE5802AA", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF6240D69-A06D-44A1-8003-8496CCEF2C53", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID26C3113D-5A71-4F1B-A2CB-BE59E1279DDA", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID92B97F2B-7565-4CE9-9AC7-0598DFD731F8", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID2AA5E7CF-9696-42F0-B76A-8655296EADF2", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0AAACE0B-ACEF-4781-83F4-BFB52EEC995A", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D56FF58-A39D-4E8C-A40B-2E3711251772", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID946121C2-11F1-49DD-A7E3-CF793DE827A4", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB853303D-1BAB-43F3-9D7D-101D0DA8E7A5", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9E578247-FE29-4F8C-8202-A24A5688CF2A", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6D065A8F-FFC0-4A0F-B863-1D724B8C786B", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4451D291-6940-42CE-9D3C-CA1D4C96549C", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID064B722D-079D-4EBB-B3CF-9FCBF64FFF5D", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID38F8AB0F-5DFB-43D9-889E-8717CC4AB59B", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EC68CD1-0EF1-4CB9-9EF1-3D64AB266149", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID44F96B27-CFAD-41E1-83A1-6B28040C3BDE", "AllAccess");

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-04-21 19:45

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(700)

c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(3468)

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Intel\Wireless\Bin\EvtEng.exe

c:\program files\Intel\Wireless\Bin\S24EvMon.exe

c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe

c:\windows\system32\DVDRAMSV.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

c:\windows\system32\PSIService.exe

c:\program files\Intel\Wireless\Bin\RegSrvc.exe

c:\toshiba\IVP\swupdate\swupdtmr.exe

c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

c:\windows\system32\wscntfy.exe

c:\progra~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe

.

**************************************************************************

.

Completion time: 2009-04-22 19:51 - machine was rebooted

ComboFix-quarantined-files.txt 2009-04-22 00:49

ComboFix2.txt 2009-04-10 17:04

Pre-Run: 30,483,521,536 bytes free

Post-Run: 30,570,622,976 bytes free

300 --- E O F --- 2009-04-21 06:57

JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Apr 21 19:59:40 2009

------------------------------------

Finished reporting.

CLEANING COMPLETE - (63.126 secs)

------------------------------------------------------------------------------------------

111.2MB removed.

------------------------------------------------------------------------------------------

Details of files deleted

------------------------------------------------------------------------------------------

IE Temporary Internet Files (1856 files) 48.9MB

C:\Documents and Settings\Tim\Cookies\tim@ads.bluelithium[1].txt 397 bytes

C:\Documents and Settings\Tim\Cookies\tim@live[2].txt 2.14KB

C:\Documents and Settings\Tim\Cookies\tim@msn[1].txt 1.62KB

C:\Documents and Settings\Tim\Cookies\tim@zone.msn[2].txt 1.85KB

C:\Documents and Settings\Tim\Cookies\tim@packratwiki[1].txt 385 bytes

C:\Documents and Settings\Tim\Cookies\tim@login.live[1].txt 843 bytes

C:\Documents and Settings\Tim\Cookies\tim@c.msn[2].txt 135 bytes

C:\Documents and Settings\Tim\Cookies\tim@c.live[2].txt 68 bytes

C:\Documents and Settings\Tim\Cookies\tim@weather[2].txt 877 bytes

C:\Documents and Settings\Tim\Cookies\tim@zune[2].txt 235 bytes

C:\Documents and Settings\Tim\Cookies\tim@ie.search.msn[2].txt 427 bytes

C:\Documents and Settings\Tim\Cookies\tim@windowsmarketplace[2].txt 263 bytes

C:\Documents and Settings\Tim\Cookies\tim@myspace[1].txt 423 bytes

C:\Documents and Settings\Tim\Cookies\tim@muvee[2].txt 74 bytes

C:\Documents and Settings\Tim\Cookies\tim@rad.msn[2].txt 702 bytes

C:\Documents and Settings\Tim\Cookies\tim@flyingdiscmagazine[1].txt 536 bytes

C:\Documents and Settings\Tim\Cookies\tim@winzip[1].txt 95 bytes

C:\Documents and Settings\Tim\Cookies\tim@youtube[1].txt 97 bytes

C:\Documents and Settings\Tim\Cookies\tim@ecom.dfckc[2].txt 381 bytes

C:\Documents and Settings\Tim\Cookies\tim@odc.weather[1].txt 113 bytes

C:\Documents and Settings\Tim\Cookies\tim@www.msn[1].txt 555 bytes

C:\Documents and Settings\Tim\Cookies\tim@store.muvee[2].txt 122 bytes

C:\Documents and Settings\Tim\Cookies\tim@msn[2].txt 1.47KB

C:\Documents and Settings\Tim\Local Settings\History\History.IE5\MSHist012009033020090406\index.dat 64.00KB

C:\Documents and Settings\Tim\Local Settings\History\History.IE5\MSHist012009040620090413\index.dat 48.00KB

C:\Documents and Settings\Tim\Local Settings\History\History.IE5\MSHist012009041020090411\index.dat 32.00KB

C:\Documents and Settings\Tim\Local Settings\History\History.IE5\MSHist012009041320090420\index.dat 48.00KB

C:\Documents and Settings\Tim\Local Settings\History\History.IE5\MSHist012009042020090421\index.dat 48.00KB

C:\Documents and Settings\Tim\Local Settings\History\History.IE5\MSHist012009042120090422\index.dat 32.00KB

Marked for deletion: C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\index.dat

Marked for deletion: C:\Documents and Settings\Tim\Cookies\index.dat

Marked for deletion: C:\Documents and Settings\Tim\Local Settings\History\History.IE5\index.dat

C:\WINDOWS\TEMP\MpCmdRun.log 808 bytes

C:\Documents and Settings\Tim\Local Settings\temp\java_install_reg.log 2.24KB

C:\Documents and Settings\Tim\Local Settings\temp\jusched.log 54 bytes

C:\Documents and Settings\Tim\Local Settings\temp\wzce5c\JavaRa.exe 0.14MB


C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{A6339FA8-BDA4-4106-AD30-EEC68FC2FAAE} 5.68KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{A9DA955C-C917-40C0-A488-FD57BEB4C20C} 5.88KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{AC90D996-3AC9-48A5-8817-1CEE068FCC75} 5.75KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{AC9FAC60-5901-4A5A-B9D9-44B780D3F6E6} 5.68KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{B0259435-B712-4CF1-9E66-747179D6E8B2} 5.88KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{B7D0D080-CB86-4344-8131-AA6792EDAA80} 5.71KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{BB901EA6-EF95-4126-B486-A21DA700532C} 5.72KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{BBB0F96F-955E-4D1E-B57D-21A2CD9E5703} 5.71KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{BDC53584-510E-4823-A3A5-DAE33865AA84} 5.68KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{C55B9C18-F2EF-4E94-9B8A-0AEFA897216F} 5.99KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{C64F2230-4D9E-43BA-B9C6-22958BF7897F} 5.74KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{C7E5C6C4-CF13-4CCD-89F7-5FBCCD2F4829} 5.87KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{CB0BBF89-ACE8-486A-A547-E36DB711B922} 5.71KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{D5B13377-FD1D-4EBF-9E58-91AC38510A3C} 5.88KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E1B35D49-4532-4F22-84DD-BF8700AD6B10} 5.72KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E5A0A45C-4135-49A2-841D-DC61E35A90E5} 5.75KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{E5F72E56-0D50-4FD1-8A9B-E4F80DA17C83} 5.73KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{EC13F2E4-7BB1-41AB-88BB-3D23A100B269} 5.72KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{F1F499CF-1933-46B1-9934-D9317CCEDB96} 5.71KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{FBB74109-3F2D-4879-8879-B65B7D838E87} 5.71KB

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Scans\History\Results\Resource\{FE3E2FE9-AD84-4579-B46E-92CBE4F328D2} 5.75KB

------------------------------------------------------------------------------------------

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7.0 REPORT

Tuesday, April 21, 2009

Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

Kaspersky Online Scanner version: 7.0.26.13

Program database last update: Wednesday, April 22, 2009 02:42:33

Records in database: 2067570

--------------------------------------------------------------------------------

Scan settings:

Scan using the following database: extended

Scan archives: yes

Scan mail databases: yes

Scan area - My Computer:

C:\

D:\

Scan statistics:

Files scanned: 104946

Threat name: 1

Infected objects: 1

Suspicious objects: 0

Duration of the scan: 01:47:27

File name / Threat name / Threats count

C:\Documents and Settings\Tim\Incomplete\T-4620425-superman.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1

The selected area was scanned.


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:14:35 PM, on 4/21/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\PSIService.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Toshiba\Tvs\TvsTray.exe

C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Corel\Corel MediaOne\CorelIOMonitor.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe

C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Java\jre6\bin\java.exe

C:\Documents and Settings\Tim\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://*.mcafee.com

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://msn.worldwinner.com/games/v47/share...GamesLoader.cab

O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinner.com/games/v48/brickout/brickout.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games


  • Root Admin

Please edit your CFscript.txt file and replace it with this and drop it on Combofix again.

KILLALL::

Driver::
Fnru77
hequllca
npf

File::
C:\Documents and Settings\Tim\Incomplete\T-4620425-superman.mp3

Update and Scan with Malwarebytes' Anti-Malware

  • Start MalwareBytes AntiMalware (Vista users must Right click and choose RunAs Admin)
  • Please DO NOT run MBAM in Safe Mode unless requested to, you MUST run it in normal Windows mode.
  • Update Malwarebytes' Anti-Malware
    • Select the Update tab
    • Click Update
  • When the update is complete, select the Scanner tab
  • Select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Then post back the MBAM log and a new Hijackthis log.

Please let me know how the computer is running now and if there are still any signs of infection or not.


Computer seems fine. I can use the usb and I'm not getting google re-directs anymore.

ComboFix 09-04-22.A23 - Tim 04/22/2009 8:20.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.174 [GMT -5:00]

Running from: c:\documents and settings\Tim\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Tim\Desktop\CFscript.txt

FILE ::

c:\documents and settings\Tim\Incomplete\T-4620425-superman.mp3

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\Tim\Incomplete\T-4620425-superman.mp3

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_FNRU77

-------\Legacy_NPF

-------\Service_Fnru77

-------\Service_hequllca

-------\Service_npf

((((((((((((((((((((((((( Files Created from 2009-03-22 to 2009-04-22 )))))))))))))))))))))))))))))))

.

2009-04-22 01:29 . 2009-04-22 01:29 73728 ----a-w c:\windows\system32\javacpl.cpl

2009-04-22 01:29 . 2009-04-22 01:29 -------- d-----w c:\program files\Java

2009-04-20 02:17 . 2009-04-20 02:17 0 ----a-w c:\windows\ViewNX.INI

2009-04-20 02:09 . 2001-08-18 03:36 5632 ----a-w c:\windows\system32\ptpusb.dll

2009-04-20 02:09 . 2008-04-14 00:12 159232 ----a-w c:\windows\system32\ptpusd.dll

2009-04-20 02:07 . 2009-04-20 02:14 -------- d-----w c:\documents and settings\Tim\Application Data\Nikon

2009-04-20 01:48 . 2009-04-20 02:14 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT

2009-04-20 01:48 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\URLs

2009-04-20 01:37 . 2009-04-20 02:07 -------- d-----w c:\program files\Common Files\Nikon

2009-04-20 01:37 . 2009-04-20 01:37 -------- d-----w c:\documents and settings\All Users\Application Data\Nikon

2009-04-20 01:36 . 2009-04-20 01:49 -------- d-----w c:\program files\Nikon

2009-04-20 01:35 . 2009-04-20 02:15 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT

2009-04-20 01:35 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\Ultima_T15

2009-04-20 01:35 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\EnterNHelp

2009-04-20 01:35 . 2009-04-20 01:35 -------- d-----w c:\documents and settings\All Users\Application Data\Tables

2009-04-20 01:33 . 2009-04-20 01:33 -------- d-----w c:\program files\ArcSoft

2009-04-16 21:45 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll

2009-04-16 21:45 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll

2009-04-16 21:45 . 2009-02-06 10:39 35328 -c----w c:\windows\system32\dllcache\sc.exe

2009-04-16 21:45 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll

2009-04-16 21:45 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll

2009-04-16 21:45 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll

2009-04-16 21:45 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll

2009-04-16 21:45 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll

2009-04-16 21:45 . 2009-02-06 11:11 110592 -c----w c:\windows\system32\dllcache\services.exe

2009-04-16 21:45 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe

2009-04-16 21:44 . 2009-03-27 06:58 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb

2009-04-16 21:44 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll

2009-04-16 21:44 . 2008-04-21 12:08 215552 -c----w c:\windows\system32\dllcache\wordpad.exe

2009-04-07 23:52 . 2009-04-07 23:52 -------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2009-04-07 18:21 . 2009-04-07 18:25 -------- d-----w c:\program files\SpywareBlaster

2009-04-07 14:55 . 2009-04-07 15:20 -------- d-----w c:\documents and settings\Tim\DoctorWeb

2009-04-07 01:26 . 2009-04-08 04:06 -------- d-----w c:\program files\SUPERAntiSpyware

2009-04-07 01:26 . 2009-04-07 01:26 -------- d-----w c:\documents and settings\Tim\Application Data\SUPERAntiSpyware.com

2009-04-07 01:26 . 2009-04-07 01:26 -------- d-----w c:\program files\Common Files\Wise Installation Wizard

2009-04-07 01:23 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-04-07 01:23 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2009-04-07 01:17 . 2009-04-11 14:39 -------- d-----w c:\documents and settings\Tim\Local Settings\Application Data\WinZip

2009-04-07 01:16 . 2009-04-07 01:17 -------- d-----w c:\documents and settings\All Users\Application Data\WinZip

2009-04-06 14:57 . 2009-04-06 15:31 66952 ----a-w c:\windows\system32\drivers\iksysflt.sys

2009-04-06 14:57 . 2009-04-06 15:31 81288 ----a-w c:\windows\system32\drivers\iksyssec.sys

2009-04-06 14:57 . 2009-04-06 15:31 40840 ----a-w c:\windows\system32\drivers\ikfilesec.sys

2009-04-06 14:57 . 2008-06-02 20:19 29576 ----a-w c:\windows\system32\drivers\kcom.sys

2009-04-06 14:57 . 2009-04-21 08:19 -------- d-----w c:\program files\Spyware Doctor

2009-04-06 14:57 . 2009-04-06 14:57 -------- d-----w c:\documents and settings\Tim\Application Data\PC Tools

2009-04-03 06:46 . 2003-03-18 20:20 1060864 ----a-w c:\windows\system32\MFC71.dll

2009-04-03 06:46 . 2009-04-03 06:46 -------- d-----w c:\program files\Alwil Software

2009-04-03 04:31 . 2009-04-03 04:31 22847 ----a-w c:\windows\system32\AAWService_2009_04_02_23_31_40.dmp

2009-04-03 04:17 . 2009-04-03 04:17 20952 ----a-w c:\windows\system32\AAWService_2009_04_02_23_17_50.dmp

2009-04-03 03:51 . 2009-04-06 13:02 -------- d-----w c:\program files\Spybot - Search & Destroy

2009-04-03 03:51 . 2009-04-06 13:01 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-04-03 03:46 . 2009-04-03 03:46 21164 ----a-w c:\windows\system32\AAWService_2009_04_02_22_46_38.dmp

2009-04-02 19:58 . 2009-04-02 19:58 20263 ----a-w c:\windows\system32\AAWService_2009_04_02_14_58_26.dmp

2009-04-02 19:54 . 2009-04-02 19:54 -------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-04-22 01:29 . 2009-01-20 00:58 410984 ----a-w c:\windows\system32\deploytk.dll

2009-04-22 01:00 . 2009-04-22 00:59 458 ----a-w C:\JavaRa.log

2009-04-22 00:35 . 2008-01-26 21:17 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

2009-04-21 02:09 . 2007-12-20 21:07 3766 --sha-w c:\windows\system32\KGyGaAvL.sys

2009-04-20 01:33 . 2006-01-19 03:49 -------- d--h--w c:\program files\InstallShield Installation Information

2009-04-07 23:53 . 2009-03-20 20:20 -------- d-----w c:\program files\Malwarebytes' Anti-Malware

2009-04-03 06:25 . 2007-09-26 20:01 -------- d-----w c:\documents and settings\All Users\Application Data\McAfee

2009-04-03 06:25 . 2007-09-26 21:17 -------- d-----w c:\program files\McAfee

2009-04-03 05:26 . 2009-04-03 00:36 2681 ----a-w C:\aaw7boot.log

2009-04-02 11:06 . 2008-07-03 13:25 39304 ----a-w c:\documents and settings\Devin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-03-28 09:22 . 2006-10-01 20:57 -------- d-----w c:\program files\Full Tilt Poker

2009-03-21 16:48 . 2009-03-21 16:48 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\SACore

2009-03-21 05:46 . 2009-03-10 04:39 -------- d-----w c:\documents and settings\Tim\Application Data\muvee Technologies

2009-03-20 20:21 . 2009-03-20 20:21 -------- d-----w c:\documents and settings\Tim\Application Data\Malwarebytes

2009-03-20 20:20 . 2009-03-20 20:20 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes

2009-03-20 15:22 . 2009-03-20 03:05 -------- d-----w c:\documents and settings\LocalService\Application Data\SACore

2009-03-20 02:59 . 2009-03-20 02:59 -------- d-----w c:\documents and settings\All Users\Application Data\SiteAdvisor

2009-03-20 01:49 . 2006-11-22 13:00 -------- d-----w c:\documents and settings\Tim\Application Data\Lavasoft

2009-03-18 15:47 . 2009-03-18 15:47 -------- d-----w c:\program files\WinPcap

2009-03-10 07:53 . 2009-03-10 04:32 -------- d-----w c:\documents and settings\All Users\Application Data\muvee Technologies

2009-03-10 05:31 . 2008-10-03 15:11 -------- d-----w c:\program files\LimeWire

2009-03-10 04:39 . 2006-07-25 21:41 39304 ----a-w c:\documents and settings\Tim\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-03-10 04:33 . 2009-03-10 04:32 -------- d-----w c:\program files\Common Files\muvee Technologies

2009-03-10 04:32 . 2009-03-10 04:32 -------- d-----w c:\program files\muvee Technologies

2009-03-10 04:30 . 2007-12-20 20:58 -------- d-----w c:\program files\Corel

2009-03-10 04:21 . 2007-12-20 21:06 -------- d-----w c:\documents and settings\Tim\Application Data\Corel

2009-03-10 04:16 . 2007-12-20 20:58 -------- d-----w c:\program files\Common Files\Corel

2009-03-10 04:10 . 2009-03-10 04:10 -------- d-----w c:\documents and settings\Tim\Application Data\InstallShield

2009-03-06 14:22 . 2006-01-19 02:02 284160 ----a-w c:\windows\system32\pdh.dll

2009-03-03 00:18 . 2006-01-19 02:02 826368 ----a-w c:\windows\system32\wininet.dll

2009-03-02 12:40 . 2009-03-02 12:40 -------- d-----w c:\documents and settings\Devin\Application Data\Corel

2009-02-20 18:09 . 2006-01-19 02:01 78336 ----a-w c:\windows\system32\ieencode.dll

2009-02-09 12:10 . 2006-01-19 02:01 729088 ----a-w c:\windows\system32\lsasrv.dll

2009-02-09 12:10 . 2006-01-19 02:02 401408 ----a-w c:\windows\system32\rpcss.dll

2009-02-09 12:10 . 2006-01-19 02:02 714752 ----a-w c:\windows\system32\ntdll.dll

2009-02-09 12:10 . 2006-01-19 02:01 617472 ----a-w c:\windows\system32\advapi32.dll

2009-02-09 11:13 . 2006-01-19 02:02 1846784 ----a-w c:\windows\system32\win32k.sys

2009-02-08 00:02 . 2004-08-03 22:59 2066048 ----a-w c:\windows\system32\ntkrnlpa.exe

2009-02-06 11:11 . 2006-01-19 02:02 110592 ----a-w c:\windows\system32\services.exe

2009-02-06 11:08 . 2006-01-19 02:02 2189056 ----a-w c:\windows\system32\ntoskrnl.exe

2009-02-06 10:39 . 2006-01-19 02:02 35328 ----a-w c:\windows\system32\sc.exe

2009-02-03 19:59 . 2006-01-19 02:02 56832 ----a-w c:\windows\system32\secur32.dll

2009-01-19 03:37 . 2009-01-19 03:37 34608 ----a-w c:\documents and settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2008-08-19 17:09 . 2008-07-02 22:31 34608 ----a-w c:\documents and settings\Danni\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2007-10-01 00:43 . 2007-10-01 00:43 126 ----a-w c:\documents and settings\Tim\Local Settings\Application Data\fusioncache.dat

2007-08-15 18:59 . 2007-10-14 18:59 32 ----a-r c:\documents and settings\All Users\hash.dat

2008-08-19 15:19 . 2008-08-19 15:20 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008081920080820\index.dat

.

((((((((((((((((((((((((((((( SnapShot@2009-04-22_00.45.06 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-04-22 13:26 . 2009-04-22 13:26 16384 c:\windows\temp\Perflib_Perfdata_178.dat

+ 2009-04-22 01:29 . 2009-04-22 01:29 148888 c:\windows\system32\javaws.exe

- 2009-04-06 13:52 . 2009-03-09 10:19 148888 c:\windows\system32\javaws.exe

+ 2009-04-22 01:29 . 2009-04-22 01:29 144792 c:\windows\system32\javaw.exe

- 2009-04-06 13:52 . 2009-03-09 10:19 144792 c:\windows\system32\javaw.exe

+ 2009-04-22 01:29 . 2009-04-22 01:29 144792 c:\windows\system32\java.exe

- 2009-04-06 13:52 . 2009-03-09 10:19 144792 c:\windows\system32\java.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2004-12-30 65536]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-04-08 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Tvs"="c:\program files\Toshiba\Tvs\TvsTray.exe" [2005-11-30 73728]

"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 352256]

"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-27 122880]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-03-07 98304]

"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2005-03-18 151552]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]

"Corel File Shell Monitor"="c:\program files\Corel\Corel MediaOne\CorelIOMonitor.exe" [2007-12-01 38400]

"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-22 148888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-22 16:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=

"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\\TOSHIBA\\IVP\\ISM\\pinger.exe

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe"=

"c:\\Program Files\\McAfee\\MBK\\McAfeeDataBackup.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Common Files\\Microsoft Shared\\VS7Debug\\mdm.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-08 9968]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-01-15 55024]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]

.

Contents of the 'Scheduled Tasks' folder

.

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local;<local>

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s

Trusted Zone: internet

Trusted Zone: mcafee.com

Trusted Zone: select2perform.com\www

Trusted Zone: yahoo.com\www

FF - ProfilePath - c:\documents and settings\Tim\Application Data\Mozilla\Firefox\Profiles\tw6763fm.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: network.proxy.http - localhost

FF - prefs.js: network.proxy.http_port - 7171

FF - prefs.js: network.proxy.type - 4

FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll

---- FIREFOX POLICIES ----


c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D56FF58-A39D-4E8C-A40B-2E3711251772", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID946121C2-11F1-49DD-A7E3-CF793DE827A4", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB853303D-1BAB-43F3-9D7D-101D0DA8E7A5", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9E578247-FE29-4F8C-8202-A24A5688CF2A", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6D065A8F-FFC0-4A0F-B863-1D724B8C786B", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4451D291-6940-42CE-9D3C-CA1D4C96549C", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID064B722D-079D-4EBB-B3CF-9FCBF64FFF5D", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID38F8AB0F-5DFB-43D9-889E-8717CC4AB59B", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EC68CD1-0EF1-4CB9-9EF1-3D64AB266149", "AllAccess");

c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID44F96B27-CFAD-41E1-83A1-6B28040C3BDE", "AllAccess");

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://*.mcafee.com

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://msn.worldwinner.com/games/v47/share...GamesLoader.cab

O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinner.com/games/v48/brickout/brickout.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games


Correction...

Seems that IE is still infected with redirects and multiple pop-ups. Mozilla wasn't affected so I didn't notice it until today when I launched IE. I also now have a red circle, white X in my tool bar saying it's a security report warning I am infected.

Malwarebytes' Anti-Malware 1.36

Database version: 2051

Windows 5.1.2600 Service Pack 3

4/27/2009 7:39:58 PM

mbam-log-2009-04-27 (19-39-58).txt

Scan type: Quick Scan

Objects scanned: 95506

Time elapsed: 13 minute(s), 8 second(s)

Memory Processes Infected: 2

Memory Modules Infected: 4

Registry Keys Infected: 9

Registry Values Infected: 8

Registry Data Items Infected: 4

Folders Infected: 1

Files Infected: 18

Memory Processes Infected:

C:\Documents and Settings\Tim\Local Settings\temp\xpre.tmp (Trojan.Downloader) -> Unloaded process successfully.

C:\WINDOWS\system32\prnet.tmp (Trojan.Downloader) -> Unloaded process successfully.

Memory Modules Infected:

C:\WINDOWS\system32\zajahume.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\losubadu.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\kazejuve.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\rehayujo.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4cb7ce8e-1098-4ff9-80e3-6afeacef5cd9} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CLASSES_ROOT\CLSID\{4cb7ce8e-1098-4ff9-80e3-6afeacef5cd9} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4cb7ce8e-1098-4ff9-80e3-6afeacef5cd9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prnet (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dcd854cf (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpmdfeb6753 (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\revoravuji (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prnet (Trojan.Downloader) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prnet (Trojan.Downloader) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pidle (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\losubadu.dll -> Delete on reboot.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\losubadu.dll -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\rehayujo.dll -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

C:\Documents and Settings\Tim\Application Data\pidle (Trojan.Agent) -> Delete on reboot.

Files Infected:

C:\WINDOWS\system32\zajahume.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\emuhajaz.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\rehayujo.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\hoyuriva.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kazejuve.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\losubadu.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\Documents and Settings\Tim\Local Settings\temp\xpre.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\prnet.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Documents and Settings\Tim\Application Data\pidle\pidle.exe (Trojan.Downloader) -> Delete on reboot.

C:\WINDOWS\system32\dapajafa.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hibaliju.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\nebofeko.dll.tmp (Trojan.Vundo) -> Delete on reboot.

C:\WINDOWS\system32\vudogame.dll.tmp (Trojan.Vundo) -> Delete on reboot.

C:\Documents and Settings\Tim\Local Settings\temp\prun.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Documents and Settings\Tim\Local Settings\temp\rasesnet.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\p2hhr.bat (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ak1.exe (Virus.Virut) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\yhs783ijfo3fe.dll (Trojan.Ertfor) -> Delete on reboot.

****** deleted and rebooted********

Rescanned

SUPERAntiSpyware Scan Log

http://*.mcafee.com

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://msn.worldwinner.com/games/v47/share...GamesLoader.cab

O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinner.com/games/v48/brickout/brickout.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games


Now I was unable to use Mozilla or IE to access the internet, and all virus programs were saying that a firewall needed to be disabled, but my firewall was off. So, I rescanned again!

Malwarebytes' Anti-Malware 1.36

Database version: 2051

Windows 5.1.2600 Service Pack 3

4/27/2009 8:44:31 PM

mbam-log-2009-04-27 (20-44-31).txt

Scan type: Quick Scan

Objects scanned: 94841

Time elapsed: 3 minute(s), 21 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 3

Registry Values Infected: 2

Registry Data Items Infected: 5

Folders Infected: 0

Files Infected: 10

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{b2ba40a2-74f0-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b2ba40a2-74f0-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2ba40a2-74f0-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{b2ba40a2-74f0-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\diagnostic manager (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\ovfsthrvwfyqynprljxoeiopmpkjfvgsxpwwke.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthslmrqlylsrkjgkedctgaitwfumhndxob.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthvtadmqvcxfqbovvuhcdlpwncglcgwesv.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\Documents and Settings\Tim\Local Settings\temp\ovfsthevmdtdjwix.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\Tim\Local Settings\temp\ovfsthipffhwkiik.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthbnokqbcburswubwpdayoyiecxvdhdytt.dat (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthviibgykkdnquhmvtfhyvvucuqhjylqwg.dat (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ahtn.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\win32hlp.cnf (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\Tim\Local Settings\temp\ovfsthpfyfqufpyr.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

******deleted and rebooted********

Still no internet

Now I used the diagnostic on IE and it found errors and repaired them. I now have access again to the net.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:01:03 PM, on 4/27/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\DVDRAMSV.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\PSIService.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

C:\Program Files\Toshiba\Tvs\TvsTray.exe

C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Corel\Corel MediaOne\CorelIOMonitor.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\SYSTEM32\NOTEPAD.EXE

C:\Documents and Settings\Tim\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://*.mcafee.com

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://msn.worldwinner.com/games/v47/share...GamesLoader.cab

O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinner.com/games/v48/brickout/brickout.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games


  • Root Admin

Okay, sorry about that. After I closed your post I placed it on the inactive list, and when I opened it I forgot to take it off of that list, so I didn't come back to look at your post.

Now that you're back on the list I'll help you out again, but we cannot wait for days to do things as Malware can spread and change rapidly. Let me review your logs tonight and I'll get back to you soon.


  • Root Admin

STEP 01

With all other applications closed (Taskbar empty), open HijackThis again and run "Do a system scan only" and place a check mark on the following items.

  • R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
  • O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
  • O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

Then quit all browsers, including the one you're reading this in now.

Then click on "Fix checked" and then quit HJT.

STEP 02

Re-run the CCleaner program as before.

STEP 03

Please delete your current copy of Combofix.exe and download a NEW fresh one.

Then run it as before and post back its log.

Additional links to download the tool:

ComboFix.exe

ComboFix.exe

ComboFix.exe

STEP 04

Please create a BOOTLOG

  • Delete the following file if it exists: C:\Windows\ntbtlog.txt
  • Restart the computer and press F8 when Windows starts booting. This will bring up the startup options.
  • Select the "Enable Boot Logging" option and press Enter.
  • Windows prompts you to select a Windows installation (even if there is only one Windows installation).
  • This boots Windows normally and creates a boot log named ntbtlog.txt and saves it to C:\Windows

ComboFix 09-04-30.05 - Tim 04/30/2009 19:49.3 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.158 [GMT -5:00]

Running from: c:\documents and settings\Tim\Desktop\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\uniq.tll

.

((((((((((((((((((((((((( Files Created from 2009-04-01 to 2009-05-01 )))))))))))))))))))))))))))))))

.

2009-05-01 00:34 . 2009-05-01 00:34 -------- d-----w c:\program files\CCleaner

2009-04-28 00:44 . 2009-04-28 00:44 104960 -c--a-w c:\windows\system32\dllcache\userinit.exe

2009-04-22 01:29 . 2009-04-22 01:29 -------- d-----w c:\program files\Java

2009-04-20 02:09 . 2001-08-18 03:36 5632 ----a-w c:\windows\system32\ptpusb.dll

2009-04-20 02:09 . 2008-04-14 00:12 159232 ----a-w c:\windows\system32\ptpusd.dll

2009-04-20 02:07 . 2009-04-20 02:14 -------- d-----w c:\documents and settings\Tim\Application Data\Nikon

2009-04-20 01:48 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\URLs

2009-04-20 01:48 . 2009-04-20 02:14 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT

2009-04-20 01:37 . 2009-04-20 01:37 -------- d-----w c:\documents and settings\All Users\Application Data\Nikon

2009-04-20 01:37 . 2009-04-20 02:07 -------- d-----w c:\program files\Common Files\Nikon

2009-04-20 01:36 . 2009-04-20 01:49 -------- d-----w c:\program files\Nikon

2009-04-20 01:35 . 2009-04-20 02:15 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT

2009-04-20 01:35 . 2009-04-20 01:35 -------- d-----w c:\documents and settings\All Users\Application Data\Tables

2009-04-20 01:35 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\Ultima_T15

2009-04-20 01:35 . 2009-04-20 01:48 -------- d-----w c:\documents and settings\All Users\Application Data\EnterNHelp

2009-04-20 01:33 . 2009-04-20 01:33 -------- d-----w c:\program files\ArcSoft

2009-04-16 21:45 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll

2009-04-16 21:45 . 2009-02-06 10:39 35328 -c----w c:\windows\system32\dllcache\sc.exe

2009-04-16 21:45 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll

2009-04-16 21:45 . 2009-02-06 11:11 110592 -c----w c:\windows\system32\dllcache\services.exe

2009-04-16 21:45 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll

2009-04-16 21:45 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe

2009-04-16 21:45 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll

2009-04-16 21:45 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll

2009-04-16 21:45 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll

2009-04-16 21:45 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll

2009-04-16 21:44 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll

2009-04-16 21:44 . 2008-04-21 12:08 215552 -c----w c:\windows\system32\dllcache\wordpad.exe

2009-04-07 23:52 . 2009-04-07 23:52 -------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2009-04-07 18:21 . 2009-04-07 18:25 -------- d-----w c:\program files\SpywareBlaster

2009-04-07 14:55 . 2009-04-07 15:20 -------- d-----w c:\documents and settings\Tim\DoctorWeb

2009-04-07 01:26 . 2009-04-08 04:06 -------- d-----w c:\program files\SUPERAntiSpyware

2009-04-07 01:26 . 2009-04-07 01:26 -------- d-----w c:\documents and settings\Tim\Application Data\SUPERAntiSpyware.com

2009-04-07 01:26 . 2009-04-07 01:26 -------- d-----w c:\program files\Common Files\Wise Installation Wizard

2009-04-07 01:23 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-04-07 01:23 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2009-04-07 01:17 . 2009-04-11 14:39 -------- d-----w c:\documents and settings\Tim\Local Settings\Application Data\WinZip

2009-04-07 01:16 . 2009-04-07 01:17 -------- d-----w c:\documents and settings\All Users\Application Data\WinZip

2009-04-06 14:57 . 2008-06-02 20:19 29576 ----a-w c:\windows\system32\drivers\kcom.sys

2009-04-06 14:57 . 2009-04-06 15:31 40840 ----a-w c:\windows\system32\drivers\ikfilesec.sys

2009-04-06 14:57 . 2009-04-06 15:31 81288 ----a-w c:\windows\system32\drivers\iksyssec.sys

2009-04-06 14:57 . 2009-04-06 15:31 66952 ----a-w c:\windows\system32\drivers\iksysflt.sys

2009-04-06 14:57 . 2009-04-06 14:57 -------- d-----w c:\documents and settings\Tim\Application Data\PC Tools

2009-04-06 14:57 . 2009-04-21 08:19 -------- d-----w c:\program files\Spyware Doctor

2009-04-03 06:46 . 2003-03-18 20:20 1060864 ----a-w c:\windows\system32\MFC71.dll

2009-04-03 06:46 . 2009-04-03 06:46 -------- d-----w c:\program files\Alwil Software

2009-04-03 03:51 . 2009-04-06 13:01 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-04-03 03:51 . 2009-04-06 13:02 -------- d-----w c:\program files\Spybot - Search & Destroy

2009-04-02 19:54 . 2009-04-02 19:54 -------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-04-22 01:29 . 2009-01-20 00:58 410984 ----a-w c:\windows\system32\deploytk.dll

2009-04-21 02:09 . 2007-12-20 21:07 3766 --sha-w c:\windows\system32\KGyGaAvL.sys

2009-04-20 01:33 . 2006-01-19 03:49 -------- d--h--w c:\program files\InstallShield Installation Information

2009-04-07 23:53 . 2009-03-20 20:20 -------- d-----w c:\program files\Malwarebytes' Anti-Malware

2009-04-03 06:25 . 2007-09-26 21:17 -------- d-----w c:\program files\McAfee

2009-04-02 11:06 . 2008-07-03 13:25 39304 ----a-w c:\documents and settings\Devin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-03-28 09:22 . 2006-10-01 20:57 -------- d-----w c:\program files\Full Tilt Poker

2009-03-18 15:47 . 2009-03-18 15:47 -------- d-----w c:\program files\WinPcap

2009-03-10 05:31 . 2008-10-03 15:11 -------- d-----w c:\program files\LimeWire

2009-03-10 04:39 . 2006-07-25 21:41 39304 ----a-w c:\documents and settings\Tim\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-03-10 04:33 . 2009-03-10 04:32 -------- d-----w c:\program files\Common Files\muvee Technologies

2009-03-10 04:32 . 2009-03-10 04:32 -------- d-----w c:\program files\muvee Technologies

2009-03-10 04:30 . 2007-12-20 20:58 -------- d-----w c:\program files\Corel

2009-03-10 04:22 . 2009-03-10 04:13 88 --sh--r c:\windows\system32\D296D3F980.sys

2009-03-10 04:16 . 2007-12-20 20:58 -------- d-----w c:\program files\Common Files\Corel

2009-03-06 14:22 . 2006-01-19 02:02 284160 ----a-w c:\windows\system32\pdh.dll

2009-03-03 00:18 . 2006-01-19 02:02 826368 ----a-w c:\windows\system32\wininet.dll

2009-02-20 18:09 . 2006-01-19 02:01 78336 ----a-w c:\windows\system32\ieencode.dll

2009-02-09 12:10 . 2006-01-19 02:01 729088 ----a-w c:\windows\system32\lsasrv.dll

2009-02-09 12:10 . 2006-01-19 02:02 401408 ----a-w c:\windows\system32\rpcss.dll

2009-02-09 12:10 . 2006-01-19 02:02 714752 ----a-w c:\windows\system32\ntdll.dll

2009-02-09 12:10 . 2006-01-19 02:01 617472 ----a-w c:\windows\system32\advapi32.dll

2009-02-09 11:13 . 2006-01-19 02:02 1846784 ----a-w c:\windows\system32\win32k.sys

2009-02-08 00:02 . 2004-08-03 22:59 2066048 ----a-w c:\windows\system32\ntkrnlpa.exe

2009-02-06 11:11 . 2006-01-19 02:02 110592 ----a-w c:\windows\system32\services.exe

2009-02-06 11:08 . 2006-01-19 02:02 2189056 ----a-w c:\windows\system32\ntoskrnl.exe

2009-02-06 10:39 . 2006-01-19 02:02 35328 ----a-w c:\windows\system32\sc.exe

2009-02-03 19:59 . 2006-01-19 02:02 56832 ----a-w c:\windows\system32\secur32.dll

.

((((((((((((((((((((((((((((( SnapShot@2009-04-22_00.45.06 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-04-30 17:36 . 2009-04-30 17:36 16384 c:\windows\temp\Perflib_Perfdata_430.dat

+ 2006-01-19 03:20 . 2004-08-04 12:00 19429 c:\windows\system32\MsDtc\Trace\msdtcvtr.bat

+ 2006-01-19 03:24 . 2009-04-28 00:59 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2006-01-19 03:24 . 2009-04-03 02:23 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2009-04-28 00:37 . 2009-04-28 00:37 78924 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat

+ 2009-04-28 00:37 . 2009-04-28 00:37 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009042720090428\index.dat

- 2006-01-19 03:24 . 2009-04-03 02:23 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2006-01-19 03:24 . 2009-04-28 00:59 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

- 2006-01-19 03:24 . 2009-04-03 02:23 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2006-01-19 03:24 . 2009-04-28 00:59 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2008-08-03 17:30 . 2008-01-18 15:13 2247 c:\windows\ServicePackFiles\i386\tscdsbl.bat

+ 2008-08-03 17:30 . 2008-01-18 15:13 2247 c:\windows\Installer\tsclientmsitrans\tscdsbl.bat

+ 2006-01-19 02:04 . 2004-08-04 12:00 2589 c:\windows\I386\RUNW32.BAT

+ 2009-04-22 01:29 . 2009-04-22 01:29 148888 c:\windows\system32\javaws.exe

- 2009-04-06 13:52 . 2009-03-09 10:19 148888 c:\windows\system32\javaws.exe

+ 2009-04-22 01:29 . 2009-04-22 01:29 144792 c:\windows\system32\javaw.exe

- 2009-04-06 13:52 . 2009-03-09 10:19 144792 c:\windows\system32\javaw.exe

- 2009-04-06 13:52 . 2009-03-09 10:19 144792 c:\windows\system32\java.exe

+ 2009-04-22 01:29 . 2009-04-22 01:29 144792 c:\windows\system32\java.exe

+ 2009-04-28 00:44 . 2009-04-28 00:44 104960 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OJYROP4H\lsp[1].exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2004-12-30 65536]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-04-08 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Tvs"="c:\program files\Toshiba\Tvs\TvsTray.exe" [2005-11-30 73728]

"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 352256]

"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-27 122880]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-03-07 98304]

"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2005-03-18 151552]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]

"Corel File Shell Monitor"="c:\program files\Corel\Corel MediaOne\CorelIOMonitor.exe" [2007-12-01 38400]

"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-22 148888]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoSetActiveDesktop"= 1 (0x1)

"NoActiveDesktopChanges"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-22 16:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=

"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\\TOSHIBA\\IVP\\ISM\\pinger.exe

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe"=

"c:\\Program Files\\McAfee\\MBK\\McAfeeDataBackup.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Common Files\\Microsoft Shared\\VS7Debug\\mdm.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\Intel\\Wireless\\Bin\\iFrmewrk.exe"=

R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-08 9968]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-01-15 55024]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]

.

Contents of the 'Scheduled Tasks' folder

.

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

uInternet Connection Wizard,ShellNext = iexplore

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s

Trusted Zone: internet

Trusted Zone: mcafee.com

Trusted Zone: select2perform.com\www

Trusted Zone: yahoo.com\www

FF - ProfilePath - c:\documents and settings\Tim\Application Data\Mozilla\Firefox\Profiles\tw6763fm.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: network.proxy.http - localhost

FF - prefs.js: network.proxy.http_port - 7171

FF - prefs.js: network.proxy.type - 4

FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll

---- FIREFOX POLICIES ----


.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-04-30 19:51

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(904)

c:\program files\SUPERAntiSpyware\SASWINLO.dll

.

Completion time: 2009-05-01 19:54

ComboFix-quarantined-files.txt 2009-05-01 00:53

ComboFix2.txt 2009-04-22 16:04

ComboFix3.txt 2009-04-22 00:51

ComboFix4.txt 2009-04-10 17:04

Pre-Run: 42,400,055,296 bytes free

Post-Run: 42,393,788,416 bytes free

267 --- E O F --- 2009-04-21 06:57

Service Pack 3 4 30 2009 21:24:17.500

Loaded driver \WINDOWS\system32\ntoskrnl.exe

Loaded driver \WINDOWS\system32\hal.dll

Loaded driver \WINDOWS\system32\KDCOM.DLL

Loaded driver \WINDOWS\system32\BOOTVID.dll

Loaded driver ACPI.sys

Loaded driver \WINDOWS\system32\DRIVERS\WMILIB.SYS

Loaded driver pci.sys

Loaded driver isapnp.sys

Loaded driver ohci1394.sys

Loaded driver \WINDOWS\system32\DRIVERS\1394BUS.SYS

Loaded driver compbatt.sys

Loaded driver \WINDOWS\system32\DRIVERS\BATTC.SYS

Loaded driver pciide.sys

Loaded driver \WINDOWS\system32\DRIVERS\PCIIDEX.SYS

Loaded driver pcmcia.sys

Loaded driver MountMgr.sys

Loaded driver ftdisk.sys

Loaded driver ACPIEC.sys

Loaded driver \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS

Loaded driver PartMgr.sys

Loaded driver VolSnap.sys

Loaded driver atapi.sys

Loaded driver KR10N.sys

Loaded driver \WINDOWS\system32\drivers\SCSIPORT.SYS

Loaded driver disk.sys

Loaded driver \WINDOWS\system32\DRIVERS\CLASSPNP.SYS

Loaded driver fltmgr.sys

Loaded driver sr.sys

Loaded driver DRVMCDB.SYS

Loaded driver PxHelp20.sys

Loaded driver KSecDD.sys

Loaded driver Ntfs.sys

Loaded driver NDIS.sys

Loaded driver Mup.sys

Loaded driver \SystemRoot\system32\DRIVERS\nic1394.sys

Loaded driver \SystemRoot\system32\DRIVERS\intelppm.sys

Loaded driver \SystemRoot\system32\DRIVERS\CmBatt.sys

Loaded driver \SystemRoot\system32\DRIVERS\ialmnt5.sys

Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys

Loaded driver \SystemRoot\system32\DRIVERS\w39n51.sys

Loaded driver \SystemRoot\system32\DRIVERS\usbuhci.sys

Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys

Loaded driver \SystemRoot\system32\DRIVERS\sdbus.sys

Loaded driver \SystemRoot\system32\DRIVERS\e100b325.sys

Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys

Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys

Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys

Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys

Loaded driver \SystemRoot\system32\drivers\pfc.sys

Loaded driver \SystemRoot\system32\drivers\iviaspi.sys

Loaded driver \SystemRoot\System32\Drivers\DLACDBHM.SYS

Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys

Loaded driver \SystemRoot\system32\DRIVERS\redbook.sys

Loaded driver \SystemRoot\system32\DRIVERS\audstub.sys

Loaded driver \SystemRoot\system32\DRIVERS\Tvs.sys

Loaded driver \SystemRoot\system32\DRIVERS\Tvs.sys

Loaded driver \SystemRoot\system32\DRIVERS\Tvs.sys

Loaded driver \SystemRoot\system32\DRIVERS\Tvs.sys

Loaded driver \SystemRoot\system32\DRIVERS\Tvs.sys

Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys

Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys

Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys

Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys

Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys

Loaded driver \SystemRoot\system32\DRIVERS\msgpc.sys

Loaded driver \SystemRoot\system32\DRIVERS\psched.sys

Loaded driver \SystemRoot\system32\DRIVERS\ptilink.sys

Loaded driver \SystemRoot\system32\DRIVERS\raspti.sys

Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys

Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys

Loaded driver \SystemRoot\system32\DRIVERS\update.sys

Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys

Loaded driver \SystemRoot\system32\DRIVERS\tbiosdrv.sys

Loaded driver \SystemRoot\system32\DRIVERS\NBSMI.sys

Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS

Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS

Loaded driver \SystemRoot\system32\drivers\RtkHDAud.sys

Loaded driver \SystemRoot\system32\DRIVERS\Tvs.sys

Loaded driver \SystemRoot\system32\DRIVERS\AGRSM.sys

Loaded driver \SystemRoot\System32\Drivers\Modem.SYS

Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys

Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS

Did not load driver \SystemRoot\System32\Drivers\Fdc.SYS

Did not load driver \SystemRoot\System32\Drivers\Flpydisk.SYS

Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS

Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS

Did not load driver \SystemRoot\System32\Drivers\Changer.SYS

Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS

Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS

Loaded driver \SystemRoot\System32\Drivers\Null.SYS

Loaded driver \SystemRoot\System32\Drivers\Beep.SYS

Loaded driver \SystemRoot\System32\Drivers\DLARTL_N.SYS

Loaded driver \SystemRoot\System32\drivers\vga.sys

Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS

Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys

Loaded driver \SystemRoot\System32\Drivers\Udfs.SYS

Loaded driver \SystemRoot\System32\Drivers\meiudf.sys

Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS

Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS

Loaded driver \SystemRoot\system32\DRIVERS\rasacd.sys

Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys

Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys

Loaded driver \SystemRoot\system32\DRIVERS\netbt.sys

Loaded driver \SystemRoot\System32\drivers\afd.sys

Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys

Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS

Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys

Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

Loaded driver \SystemRoot\system32\DRIVERS\ipnat.sys

Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys

Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys

Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys

Loaded driver \SystemRoot\System32\Drivers\Fips.SYS

Loaded driver \SystemRoot\system32\DRIVERS\arp1394.sys

Loaded driver \SystemRoot\System32\Drivers\DRVNDDM.SYS

Loaded driver \SystemRoot\System32\DLA\DLADResN.SYS

Loaded driver \SystemRoot\System32\DLA\DLAIFS_M.SYS

Loaded driver \SystemRoot\System32\DLA\DLAOPIOM.SYS

Loaded driver \SystemRoot\System32\DLA\DLAPoolM.SYS

Loaded driver \SystemRoot\System32\DLA\DLABOIOM.SYS

Loaded driver \SystemRoot\System32\DLA\DLAUDFAM.SYS

Loaded driver \SystemRoot\System32\DLA\DLAUDF_M.SYS

Loaded driver \SystemRoot\system32\DRIVERS\AegisP.sys

Loaded driver \SystemRoot\system32\DRIVERS\s24trans.sys

Loaded driver \SystemRoot\system32\DRIVERS\ndisuio.sys

Loaded driver \SystemRoot\system32\DRIVERS\netdevio.sys

Did not load driver \SystemRoot\system32\DRIVERS\rdbss.sys

Did not load driver \SystemRoot\system32\DRIVERS\mrxsmb.sys

Loaded driver \SystemRoot\system32\DRIVERS\mrxdav.sys

Did not load driver \SystemRoot\System32\Drivers\Serial.SYS

Loaded driver \SystemRoot\system32\DRIVERS\srv.sys

Did not load driver \SystemRoot\system32\DRIVERS\ipnat.sys

Loaded driver \SystemRoot\System32\Drivers\HTTP.sys

Loaded driver \SystemRoot\system32\drivers\wdmaud.sys

Loaded driver \SystemRoot\system32\drivers\sysaudio.sys

Loaded driver \SystemRoot\system32\drivers\splitter.sys

Loaded driver \SystemRoot\system32\drivers\aec.sys

Loaded driver \SystemRoot\system32\drivers\swmidi.sys

Loaded driver \SystemRoot\system32\drivers\DMusic.sys

Loaded driver \SystemRoot\system32\drivers\kmixer.sys

Loaded driver \SystemRoot\system32\drivers\drmkaud.sys

Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS

Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS

Loaded driver \SystemRoot\system32\drivers\kmixer.sys

gmeb.zip


Malwarebytes' Anti-Malware 1.36

Database version: 2063

Windows 5.1.2600 Service Pack 3

5/1/2009 11:21:40 AM

mbam-log-2009-05-01 (11-21-35).txt

Scan type: Quick Scan

Objects scanned: 96065

Time elapsed: 8 minute(s), 5 second(s)

Memory Processes Infected: 2

Memory Modules Infected: 5

Registry Keys Infected: 18

Registry Values Infected: 9

Registry Data Items Infected: 4

Folders Infected: 2

Files Infected: 19

Memory Processes Infected:

C:\Documents and Settings\Tim\Local Settings\temp\xpre.tmp (Trojan.Downloader) -> No action taken.

C:\WINDOWS\system32\prnet.tmp (Trojan.Downloader) -> No action taken.

Memory Modules Infected:

C:\WINDOWS\system32\saleluwo.dll (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\foleleza.dll (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\wisebiga.dll (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\konemabo.dll (Trojan.Vundo.H) -> No action taken.

C:\Program Files\Jcore\Jcore2.dll (Trojan.BHO) -> No action taken.

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4cb7ce8e-1098-4ff9-80e3-6afeacef5cd9} (Trojan.Vundo.H) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{4cb7ce8e-1098-4ff9-80e3-6afeacef5cd9} (Trojan.Vundo.H) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4cb7ce8e-1098-4ff9-80e3-6afeacef5cd9} (Trojan.Vundo.H) -> No action taken.

HKEY_CLASSES_ROOT\TypeLib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> No action taken.

HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prnet (Trojan.Downloader) -> No action taken.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dcd854cf (Trojan.Vundo.H) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpmdfeb6753 (Trojan.Vundo.H) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\revoravuji (Trojan.Vundo.H) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prnet (Trojan.Downloader) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prnet (Trojan.Downloader) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pidle (Trojan.Downloader) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\twain (Trojan.Agent) -> No action taken.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\foleleza.dll -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\wisebiga.dll -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\wisebiga.dll -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

C:\Documents and Settings\Tim\Application Data\pidle (Trojan.Agent) -> No action taken.

C:\Program Files\Jcore (Trojan.BHO) -> No action taken.

Files Infected:

C:\WINDOWS\system32\saleluwo.dll (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\owulelas.ini (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\foleleza.dll (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\fabireze.dll (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\konemabo.dll (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\wisebiga.dll (Trojan.Vundo.H) -> No action taken.

C:\Documents and Settings\Tim\Local Settings\temp\xpre.tmp (Trojan.Downloader) -> No action taken.

C:\WINDOWS\system32\prnet.tmp (Trojan.Downloader) -> No action taken.

C:\Program Files\Jcore\Jcore2.dll (Trojan.BHO) -> No action taken.

C:\Documents and Settings\Tim\Application Data\pidle\pidle.exe (Trojan.Downloader) -> No action taken.

C:\WINDOWS\system32\bogiviza.dll (Trojan.Vundo.H) -> No action taken.

C:\WINDOWS\system32\fiboduzu.dll.tmp (Trojan.Vundo) -> No action taken.

C:\WINDOWS\system32\kutirata.dll.tmp (Trojan.Vundo) -> No action taken.

C:\WINDOWS\system32\seduvumo.dll.tmp (Trojan.Vundo) -> No action taken.

C:\Documents and Settings\Tim\Local Settings\temp\prun.tmp (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\Tim\Local Settings\temp\rasesnet.tmp (Trojan.Vundo) -> No action taken.

C:\Documents and Settings\Tim\Local Settings\temp\__114.tmp (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\QD7CVPXS\156[1].net (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\Tim\Application Data\Twain\Twain.exe (Trojan.Agent) -> No action taken.


  • Root Admin

Well the logs say that you did not take action. You need to tell MBAM to fix it.

Please do not connect this computer to any external USB drives and if possible do not allow it to connect to any other computers on a network.

Update MBAM and make sure you tell it to fix the problem and then reboot the computer and do another scan with MBAM and post back both before and after scan logs please.

Make sure you have ACTIVE, UP TO DATE Anti-Virus installed as well. Your Kaspersky scan came back nearly clean, but now you have many more infections which is not normal. If you have any Peer2Peer software installed please uninstall it.


Malwarebytes' Anti-Malware 1.36

Database version: 2066

Windows 5.1.2600 Service Pack 3

5/1/2009 5:52:17 PM

mbam-log-2009-05-01 (17-52-17).txt

Scan type: Quick Scan

Objects scanned: 95708

Time elapsed: 4 minute(s), 3 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\winglsetup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lmppcsetup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.


  • Root Admin

What Anti-Virus are you currently running on your system? Please update it and do a FULL scan and post back the results.

Empty the MBAM quarantine first as well as any previous quarantine files in your Anti-Virus product.

Then update MBAM again and do another Quick Scan and post back that log again.


  • Root Admin

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.
